CSCE 557: INTRODUCTION TO CRYPTOGRAPHY End of Course Summary of Objectives Fall 2005—Prof. Duncan A. Buell Catalog Description: 557—Introduction to Cryptography. ={MATH 587} (3) (Prereq: CSCE 145, MATH 241 or 250, and either CSCE 355 or MATH 574) Design of secret codes for secure communication, including encryption and integrity verification; ciphers, cryptographic hashing, and public key cryptosystems such as RSA. Mathematical principles underlying encryption. Code-breaking techniques. Cryptographic protocols. Prerequisite(s) By Topic: Introduction to programming Discrete mathematics Vector calculus Textbook(s) and Other Required Material: Wade Trappe and Lawrence C. Washington, Introduction to Cryptography with Coding Theory, 2nd edition, Prentice Hall, Englewood Cliffs, NJ, 2005. Computing Platform: Windows XP, Unix Course Objectives: {Assessment Methods Shown in Braces} 1. Know the principles of cryptology and of cryptanalysis of historical ciphers {exams}. 2. Know and apply the theory and practice of modern cryptographic systems {exams, programming assignments}. 3. Know and apply the theory and practice of protocols (that will include cryptography) for secure electronic communication {exams, programming assignments}. 4. Be aware of the social, ethical, and political issues surrounding cryptography and its use in (especially electronic) communications. Topics Covered: 1. Mathematical preliminaries (8 hours) 2. Security uses of cryptography (3 hours) 3. Cryptanalysis of classical ciphers (3 hours) 4. Information theory; perfect secrecy; one-time pads (3 hours 5. Product cryptosystems and block ciphers (3 hours) 6. AES (Advanced Encryption Standard) – Rijndael (3 hours) 7. Public key encryption and RSA (6 hours) 8. Digital signatures (3 hours) 9. Authentication and key exchange (4 hours) 10. Advanced topics (3 hours) 11. Reviews and tests (3 hours) Laboratory Projects and Other Student Work Programming assignments, written assignments, and examinations. Difference between Undergraduate and Graduate Work To receive graduate credit, students must complete a major project in addition to the programming assignments. Syllabus Flexibility: High. The instructor chooses the textbook, language, and projects. 3 3 1 1 1 2 1 1 3 2 2 1 3 1 1 2 Estimated Computing Category Content (Semester hours): Area Core Advanced Area Algorithms 3 Data Structures Software Programming Design Languages Computer Architecture 1 Core Estimated Information Systems Category Content (Semester hours): Area Core Advanced Area Core Hardware and Networking and Software Telecommunications Modern Analysis Programming and Language Design Data Role of IS in an Management Organization Quantitative Information Systems Advanced Advanced 1 1 11. Electronics and Digital Sys Design 10. Application Area 5. Communicate Effectively 6. Liberal arts & Soc. Sciences 7. Basic Science and Lab Procedures 8. Learn New Tools & Processes 9. Employed upon Graduation 4. Work on teams 2. Computing Fundamentals 3. Apply Computing Principles Course Objectives 1. Historical cryptography 2. Modern cryptography 3. Protocols for secure communication 4. Social/ethical/political issues 1. Logic & Math Relationship of Course to Program Outcomes: The contribution of each course objective to meeting the program outcomes is indicated with the scale: 3 = major contributor, 2 = moderate contributor, 1 = minor contributor. Blank if not related. Program Outcomes Analysis 1 Environment Oral and Written Communication: None Social and Ethical Issues: Role of cryptology in society; security issues Theoretical Content: Mathematics fundamental to cryptology Analysis and Design: Cryptographic systems. Class/Laboratory Schedule: Lecture: 3 periods of 50 minutes or 2 periods of 75 minutes per week Course Coordinator: Duncan Buell Modification and Approval History: Initial description September 2002 Revised June 2005 by Duncan Buell to update text and clarify objectives and topics Assessment of Learning by Course-Objective: Summary of Results by Objective and Percentage of Students Meeting Course Objectives: % Students Meeting Objective Coursework Program 1 Program 2 Program 3 Program 4 Program 5 Class Discussion Exam Final Exam Average Topic Test exercise in computing LFSR DES Factoring Digital Signatures Obj. 1 Obj. 2 Obj. 3 74% 85% 85% 66% 74% 85% 85% 66% Social, ethical, policy issues Comprehensive Comprehensive Obj. 4 89% 74% 85% 75% 70% 78% 78.4% 78% 77.7% 88.8% Measurement of Course Objectives The objective standard used is 70% for the programming assignments. Labs are graded on a scale of 0 to 50 points, with the score reflecting correctness of the program design, successful compilation, correct execution of the program, and documentation of the code. Thus, a standard of 70% implies that at least half of the program’s functionality worked correctly. An objective standard of 60% was used for the exams. Percentage distributions are based on 27 undergraduate students who received who received grades for the class. Objective 1. Know the principles of cryptology and of cryptanalysis of historical ciphers. Introductory work was included on historical ciphers, including one programming exercise; these ciphers are broken with a combination of probability/statistics, combinatorics, and language modeling. Objective 2. Know and apply the theory and practice of modern cryptographic systems. The background of public key cryptography is computational number theory. This expertise was measured with programming exercises in factoring and digital signatures as well as questions on the exams. There was also material, albeit less intensive because much more mathematical, on the cryptanalytic methods for AES and the introductory mathematics of information theory. Objective 3. Know and apply the theory and practice of protocols (that will include cryptography) for secure electronic communication. The first step of secure communication is a strong cryptographic algorithm. Secure communication also requires the implementation of the algorithm in a way that does not compromise the security. Knowledge of this was tested on exams. Objective 4. Be aware of the social, ethical, and political issues surrounding cryptography and its use in (especially electronic) communications. This objective is especially hard to present and evaluate because it is highly charged with political overtones. Nonetheless, discussions were held in class on such topics as: the equities problem in SIGINT versus COMSEC activities; the difficult problem of discerning the truth (for example, about whether limiting export by key size is affecting economic competitiveness more or less than it hurts national interests with regard to the information that can be made available to the government) when so much information is kept classified; and the role of technical expertise by NSA in decisions by NIST regarding standards for cryptographic systems. Student feedback in these discussions factored in to the part of their final grades that came from in-class participation. Grade Distribution: A 22.2% (6) B+ 7.4% (2) B 33.3% (9) C+ 7.4% (2) C 14.8% (4) D+ 3.7% (1) D 0.0% (0) F 7.4% (2) W 3.7% (1) Total: 100% (27) What differences did you notice in the performance of the different majors, CIS, CE, and CS? There were undergraduate CE, CIS, and CS majors as well as mathematics majors in the class. In general, this course required two complementary skills—mathematics and computing, and there was no noticeable difference in either between the CE and the CS students. The mathematics students had less programming background and also did not seem to have a noticeable edge in the more mathematical aspects. There were only two CIS majors in the class. Neither did especially well, which could be due to a poorer background in mathematics. However, neither of the CIS students was especially “responsible” as a student with regard to class attendance and turning in assignments. Whether the lack of responsibility was due to expected poor performance or merely an indicator of poor performance was impossible to tell.